Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Buffer overflow attack defense method and device based on RISC-V and Canny mechanisms

A RISC-V, buffer overflow technology, applied in the computer field, can solve problems such as limited scope of application, difficulty in landing, lack of protection, etc., and achieve the effect of small system performance and good defense effect

Active Publication Date: 2021-10-22
INST OF SOFTWARE - CHINESE ACAD OF SCI
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this method is only applicable to stack overflow scenarios caused by the lack of necessary boundary checks in string processing, for other buffer overflow forms such as heap overflow, BSS (Block Started by Symbol, blocks starting with symbols) overflow, and other reasons overflow scenarios caused by the lack of equally effective protection
At the same time, this method requires an additional calculation process to construct the Canary word, which will also have a certain impact on the operating efficiency of the system.
[0005] In order to solve the problem that the buffer overflow attack defense method based on the Canary mechanism is limited in scope and difficult to implement, the present invention proposes an implementation scheme based on the RISC-V extended instruction set

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Buffer overflow attack defense method and device based on RISC-V and Canny mechanisms
  • Buffer overflow attack defense method and device based on RISC-V and Canny mechanisms
  • Buffer overflow attack defense method and device based on RISC-V and Canny mechanisms

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0064] Below in conjunction with accompanying drawing, the present invention will be further described.

[0065] This embodiment is based on the buffer attack defense method of the Canary mechanism, wherein the overall process is as follows figure 1 As shown, it mainly includes the following steps:

[0066] 1) Analyze the source code of the program, generate a node call relationship diagram, and determine the specific instruction positions of each function call and return, wherein the function call will be recognized as a call instruction, and the function return will be recognized as a ret instruction. The node call relationship graph is a joint data structure that combines various node sets and node relationship sets. Its structure G=(V C , V R , R, nentry), where V C is the set of function call nodes, V R is a collection of function return nodes, R is a collection of corresponding relationships between function calls and return nodes, and nentry is the entry node of the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a buffer overflow attack defense method and device based on RISC-V and Canny mechanisms, and the method comprises the steps: giving a content attribute to an abstract syntax tree of a program source code, and generating a node calling relation graph G; generating special data Cannary; before a code statement corresponding to the attribute of each calling node and before a code statement corresponding to the attribute of each returning node, inserting an RISC-V extension instruction for setting the special data Canary and an RISC-V extension instruction for checking the special data Canary; and executing the program source code, setting an RISC-V extension instruction of the special data Cannary to write the special data Cannary into the current stack frame, and checking a comparison result of the RISC-V extension instruction of the special data Cannary through a value p of the special data Cannary and a value p'of the special data Cannary obtained from the current stack frame so as to perform defense. Multiple buffer overflow forms such as heap overflow, stack overflow and BSS overflow are comprehensively covered, software and hardware cooperation of security defense can be achieved, the influence on system performance is small, and a better defense effect is obtained.

Description

technical field [0001] The invention belongs to the technical field of computers, and relates to a buffer overflow attack defense method and device based on RISC-V and Canary mechanisms. Background technique [0002] With the development of the computer industry, computer software has become an indispensable part of production and life. Computer systems are widely used in various industries, including medical, education, military, political and new retail fields. With the rapid development and popularization of computer systems, how to ensure the credibility of its behavior and protect it from malicious attacks has become an important issue of common concern in both academia and industry. Buffer overflow attack is a common means of malicious attack, which uses the lack of boundary checking and other mechanisms in source programs written in memory-unsafe languages, breaks through the buffer capacity limit, and overwrites data content in other areas, thereby destroying the cor...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/54G06F21/73G06F8/75
CPCG06F21/54G06F21/73G06F8/75
Inventor 刘畅赵琛武延军芮志清吴敬征
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com